Commit 56ba06c0 authored by Martin Kraft's avatar Martin Kraft Committed by Joram Wilander

MM-10980: Conditionally filteres User json properties. (#9018)

parent e51ae397
......@@ -154,7 +154,11 @@ func getUserByUsername(c *Context, w http.ResponseWriter, r *http.Request) {
if c.HandleEtag(etag, "Get User", w, r) {
return
} else {
c.App.SanitizeProfile(user, c.IsSystemAdmin())
if c.Session.UserId == user.Id {
user.Sanitize(map[string]bool{})
} else {
c.App.SanitizeProfile(user, c.IsSystemAdmin())
}
w.Header().Set(model.HEADER_ETAG_SERVER, etag)
w.Write([]byte(user.ToJson()))
return
......
......@@ -411,7 +411,7 @@ func TestGetUserByUsername(t *testing.T) {
th.App.UpdateConfig(func(cfg *model.Config) { cfg.PrivacySettings.ShowEmailAddress = false })
th.App.UpdateConfig(func(cfg *model.Config) { cfg.PrivacySettings.ShowFullName = false })
ruser, resp = Client.GetUserByUsername(user.Username, "")
ruser, resp = Client.GetUserByUsername(th.BasicUser2.Username, "")
CheckNoError(t, resp)
if ruser.Email != "" {
......@@ -424,6 +424,12 @@ func TestGetUserByUsername(t *testing.T) {
t.Fatal("last name should be blank")
}
ruser, resp = Client.GetUserByUsername(th.BasicUser.Username, "")
CheckNoError(t, resp)
if len(ruser.NotifyProps) == 0 {
t.Fatal("notify props should be sent")
}
Client.Logout()
_, resp = Client.GetUserByUsername(user.Username, "")
CheckUnauthorizedStatus(t, resp)
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment